Hacker101 CTF — “Hello World” — writeup

Photo by NihoNorway graphy on Unsplash
Hello World CTF

Hail Ghidra!

Locating the main function was easy. I change variable names and retyped them provides readability. Fairly easy program but the interesting parts are, obvious “error”, memory buffer initializes with fixed size and input is restricted size, besides this, there is the additional custom function read_all_stdin instead of gets . This is the indication we can do a buffer overflow.

Ghidra
read_all_stdin — retyped and renamed

FLAG!

Flag Captured

What did I learn?

Almost everything. I had a very small experience with a native code environment and everything was new and amazing for me. Starting from the c program architecture ending with ELF and LSB/MSB.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Merab Tato Kutalia

Merab Tato Kutalia

Android GDE, Software Engineer with 8 years of experience, specializing in Android